Device including encrypted data for expiration date and verification value creation
In order to make it more difficult to obtain numbers that can be used to conduct fraudulent transactions, a portion of a real account number is encrypted. The encrypted portion of the account number is used to generate a new account number, a new expiration date, and a new verification value. This information can be determined using processor that may reside in a point of sale terminal, a smart card, or a computer operated by a user. The new account number, the new expiration date, and the new verification value can be used in a payment transaction. A server computer in a central payment processing network may determine that the new account information is not the real account information, and may subsequently generate a modified authorization request message using the real account information and may send it to an issuer for approval. The transmission of data is more secure, since real account information is not sent from the merchant to the payment processing network.
Latest Visa International Service Association Patents:
- Structured graph convolutional networks with stochastic masks for network embeddings
- Hosted thin-client interface in a payment authorization system
- System and method for determining merchant store number
- TIME SERIES PREDICTIVE MODEL FOR ESTIMATING METRIC FOR A GIVEN ENTITY
- DIGITAL INSTANT ISSUANCE WITH INSTANT PROCESSING
This application is a divisional of U.S. patent application Ser. No. 12/778,638 filed on May 12, 2010, which is a non-provisional of and claims the benefit of the filing date of U.S. Patent Application No. 61/179,970, filed on May 20, 2009, both of which are herein incorporated by reference in their entirety for all purposes.
BACKGROUNDThere is a need for more secure data transfer when paying for goods and services using payment cards such as debit, credit, and stored value cards.
In a typical payment transaction, a user may use a credit card to purchase an item at a merchant. The user may swipe his credit card through a POS (point of sale) terminal, and the POS terminal may generate an authorization request message including the account number, expiration date, and card verification value (CVV) associated with the credit card. The authorization request message may pass to the issuer of the credit card, and the issuer may approve or deny the request to authorize the transaction.
If information such as the account number, expiration date, and card verification value is obtained by an unauthorized person, the unauthorized person could potentially purchase goods and services using the obtained information. Such information could theoretically be intercepted by the unauthorized person during a transaction (e.g., as the account information passes from the merchant to the payment processing network) or it could be surreptitiously obtained from the card while it is with the authorized user.
There is a need for improved data security systems. Embodiments of the invention address these and other problems, individually and collectively.
BRIEF SUMMARYEmbodiments of the invention can alter account information such as an expiration date and/or verification value (e.g., CVV or CVV2) to protect account information.
In some embodiments, in order to make it more difficult to obtain numbers that can be used to conduct fraudulent transactions, a portion of a real account number associated with a payment card can be encrypted. Different segments of the encrypted portion of the real account number can be used to create a new expiration date, a new verification value (e.g., a CVV2 value), and a new account number. The new expiration date, the new verification value, and the new account number can comprise new account information, which can be used instead of real account information to conduct payment transactions.
In some embodiments, when a payment transaction is conducted using the new account information and the payment card, an authorization request message may be generated and the new account information may be sent to a server computer in a payment processing network. The server computer can determine that the received new account information is not the real account information. It can subsequently determine the real account information (including the real account number, the real expiration date, and the real verification value) from the new account information. If the server computer does not make the authorization decision, a modified authorization request message may be generated and then sent to an issuer that issued the real account information. The issuer can then approve or deny the transaction authorization request.
One embodiment of the invention is directed to a method comprising encrypting, using a processor, a portion of a first account number to form an encrypted portion, the first account number being associated with a first expiration date and a first verification value. The method also includes determining a second expiration date or a second verification value using a segment of the encrypted portion.
Another embodiment of the invention is directed to a computer readable medium comprising code, executable by a processor, for implementing a method comprising: encrypting, using a processor, a portion of a first account number to form an encrypted portion, the first account number being associated with a first expiration date and a first verification value; and determining a second expiration date or a second verification value using a segment of the encrypted portion.
Another embodiment of the invention is directed to a method comprising: receiving an initial authorization request message comprising a second account number, and at least one of a second expiration date and a second verification value. After the second account number and at least one of the second expiration date and the second verification value are received, a server computer can determine a first account number, a first expiration date, and a first verification value from the second account number. A modified authorization request message including the first account number, the first expiration date, and the first verification value can be sent to an issuer. The first verification value is different than the second verification value and the first expiration date is different than the second expiration date.
These and other embodiments of the invention are described in further detail below.
Embodiments of the invention provide for methods and systems for generating a verification value such as a CVV or CVV2 value, a new second account number, and a new second expiration date from first real account information including a real first account number. Embodiments of the invention can be used for both card present and card-not-present (CNP) transactions.
Embodiments of the invention have a number of advantages. Embodiments of the invention are able to maintain or improve existing user experiences, minimize the impact on merchant processes/systems, leverage existing network data transport mechanisms, utilize an existing issuer validation infrastructure, support multiple forms of implementation, and maintain consistency with a broader authentication strategy. Further, because authentication elements such as expiration dates and the verification values associated with a payment card can change in embodiments of the invention and otherwise appear to be normal to unauthorized persons and can use an encryption process that is not known to the general public, it is difficult, if not impossible, for an unauthorized person to obtain the real account information associated with the user's payment card.
Referring to
The verification value may be a CVV (card verification value) value. There can be two types of CVV values. The first, called CVC1 or CVV1, is encoded on the magnetic stripe of a payment card. The second, called CVC2 or CVV2, is printed on the payment card.
The CVV1 code is used for “in person” transactions, where the consumer using the payment device is physically present at the time of purchase. The consumer hands the merchant his payment card, and the merchant swipes it through a point of sale terminal. Information stored on the magnetic stripe, including the CVV1 code, is read from the magnetic stripe and transmitted to an authenticating entity (e.g., an issuer or a payment processing organization such as Visa) in a purchase transaction for verification (authentication).
However, transactions over the Internet, by mail, fax or over the phone cannot be verified using the CVV1 code. For these so-called “card not present” (CNP) transactions, the merchant will use the CVV2 code to confirm that the consumer is in possession of the authentic card by asking the consumer to state the code over the phone (in a phone transaction) or enter it into a Web page (in an Internet transaction). The CVV2 code is used to authenticate the purchase transaction by comparing the code supplied by the consumer against the code that is stored in a cardholder database at a payment processor facility. If the purchase transaction is authenticated, then an authorization request is sent to the issuer of the card to approve or deny the purchase.
A portion of the first account number can then be encrypted by the processor to form an encrypted portion (step 104). Any suitable number of digits in the first account number may be encrypted using any suitable encryption algorithm. For example, a middle portion of the first account number (e.g., digits 2-11 sixteen digit account number) may be encrypted using an encryption algorithm such as DES or triple DES. Other types of encryption algorithms may be used in other embodiments of the invention.
A first segment of the encrypted portion of the first account number may then be selected by the processor (step 106). Any suitable number of digits may be present in the first segment, and any suitable portion of the encrypted portion may form the first segment.
Then, the first encrypted portion segment is then mapped to a second expiration date using the processor (step 108). The mapping of the second expiration date to the first encrypted portion segment may occur in any suitable manner. For example, if the first encrypted portion includes two digits, then the numbers from 0-99 in those two digits can be mapped to various expiration dates corresponding to a month (e.g., a number from zero to twelve) and a year (e.g., a two digit number representing a year).
Before or after the first encrypted portion segment is determined by the processor, a second encrypted portion segment of the encrypted portion is used by the processor to determine a second verification value (step 110). The second encrypted portion could be mapped to different verification values stored in a local or remote database, or it could simply be a representation of a new verification value. In the latter case, for example, if the second encrypted portion is “191,” then the new second verification value is also “191.”
Before or after the first and second encrypted portion segments are determined and/or processed by the processor, a third encrypted portion segment can be determined by the processor. A second account number can then be formed from the third encrypted portion segment (step 112). In the formation of the new second account number, the third encrypted portion segment can be inserted into the middle of a new second account number. In addition to the middle portion comprising the third encrypted portion segment, the new second account number may comprise a signal segment and a segment that is from the real first account number. For example, the second account number may be “4000001234569876.” “40000” may be a signal segment, “123456” may be the third encrypted portion segment, and “9876” may be a segment that is unchanged from the real first account number.
The segment that is from the real first account number may be the last four digits of the real account number. It is desirable to keep the last four digits of the real first account number and the new second account number the same, so that the user does not sense that anything is different. For example, when the user receives a receipt for a purchase transaction, the receipt will include the last four digits of the real account number and also the new account number. Typically, only the last four digits of an account number are shown on a purchase receipt, so the user does not see the change in account number and may not notice a difference.
As a result of steps 102, 104, 106, 108, 110, and 112, new second account information can be used by a consumer in a payment transaction. The use of the new second account information is described in further detail below.
In a detailed example illustrating steps 102, 104, 106, 108, 110, and 112, a processor in a smartcard or a POS terminal can determine an existing first account number associated with a payment card and can encrypt a portion of it. In some embodiments, the encryption process may not use dynamic data so the encrypted portion and the second account information derived from it may be used in all transactions conducted with the payment card. However, in other embodiments which are described below, the encrypted portion may be formed using dynamic data such as a date or counter, so that the encrypted portion and consequently the second account information changes periodically (e.g., with every transaction).
The processor can use the encrypted portion to create a new second account number, second expiration date, and second verification value such as a second CVV2 value. For example, an exemplary real first account number could be “4234561234567890,” and a new second account number can be generated. The second account number could take the form “40000xxxxxx7890,” where the last 4 digits of the second account number are the same as the last four digits of the real first account number. The number “40000” can be a signal segment that can alert a server computer in a payment processing network that the account number is not the real account number and that a decryption process needs to be performed. To fill in the digits “xxxxxx,” the processor can take the eleven digits “23456123456” from the real first account number and can apply a DES encryption algorithm (or any other suitable encryption algorithm) and decimalize it to obtain a new eleven digit number. The processor could then take six of these numbers and plug them into the digits “xxxxxx” in the new second account number above. Two of the numbers may be mapped to a four digit expiration date, and the remaining three numbers can be used as a new CVV or CVV2 value. If it is a CVV2 value, then the new CVV2 value would be displayed or otherwise provided to the user so that the user could provide this information to the merchant in a transaction. The new CVV2 value could be displayed on the user's phone, computer, or other device.
Referring to
Other information 220 can represent other data that may be used in combination with first account information 210 according to various embodiments. According to some embodiments, other information 220 can include data that changes on a regular basis. For example, other information 220 might include the current date, counter, the price of a transaction, information that is specific to a merchant, etc. The “other information” may be time dependent in nature, or location or merchant specific.
The other information may also include suitable encryption keys, including symmetric and asymmetric keys, that may be used with the encryption function 230. Suitable symmetric keys may include UDKs (“unique derived keys”). Such keys may be derived from user information such as the user's account number, birthday, social security number, etc., so that each key is unique to a particular user or payment card. The key and encryption algorithm may be previously loaded into the user's portable consumer device (e.g., a smartcard, phone, etc.).
Encryption function 230 can be a function that can take inputs, such as the first account number 210 and the other information 220, and transform the inputs into another value. For example, a portion of the first account number 220 can be encrypted. The output of the encryption function 230 can be represented by an encrypted portion 240. Any suitable encryption function including a DES or triple DES encryption functions can be used in embodiments of the invention.
Segments of the encrypted portion 240 can be used to form the second account information. For instance, the mapping function 250 can map a first segment of the encrypted portion 240 to a month and year value. The month and year value might be used as an expiration date for a credit or debit account in a transaction. The expiration date may be a dynamic second expiration date 270.
Other second account information may be determined from the encrypted portion 240. For example, a new dynamic second verification value 260 can be formed from a second encrypted portion segment of the encrypted portion 240. In another example, a new dynamic second account number 280 can be formed with a third encrypted portion segment.
As illustrated in
According to one embodiment, a new dynamic second verification value 260, a second dynamic account number 280, and a second dynamic expiration date 270 are created from a consumer's first account number 210 by first selecting the digits from the consumer's account number 210 that can serve as the basis for the dynamic numbers. In
Once digits from the first account number 210 have been selected, other information 220 is selected that will be used to help create the second dynamic card verification value 260, the second dynamic account number 280, and the second dynamic expiration date 270. According to one embodiment, at least a portion of the other information 220 is selected so that both the entity encoding the data (e.g., a processor in a POS terminal, a smartcard, etc.) and the entity decoding the data (e.g., a processor in a server computer remotely located from the point of sale) will know the value of the other information 220 without explicitly transmitting the other information 220 between the entities. For example, the current date could be used as a part of the other information 220. The entities encoding and decoding the data can have a mutual understanding that the other information 220 will comprise at least the current date, and both parties can use this information appropriately. Alternatively or additionally, the other information 220 may use a mutually agreed upon piece of data that will be transmitted as a part of a transaction. For example, the other data might include the price of the transaction or a merchant ID number. Many other possibilities for the value of the other information 220 also exist.
Once portions of the account number 210 and the other information 220 are selected, the encryption function 230 can be used to encrypt the portions of the account number 210 using other information 220 to produce the encrypted portion 240. The encrypted portion 240 can then be used, potentially along with other data, to generate the dynamic second account number 280, the dynamic second expiration date 270, and the dynamic second verification value 260.
In the embodiment illustrated in
The second dynamic account number 280 can also use segments of the encrypted portion 240. In the embodiment illustrated in
The second dynamic account number 280 may also contain portions of the actual first account number 210. For example, in the embodiment illustrated in
Portions of the encrypted portion 240 can also be used to create a dynamic second expiration date 270. In the example shown in
Portions of the encrypted portion 240 can also be used as a dynamic CVV2 value 260 (or other verification value). As shown in
Once the dynamic account number 280, dynamic expiration date 270, and dynamic CVV2 260 have been created, this dynamically generated data can be used as the payment data used to conduct a transaction. The dynamically generated data can thus take the place of the actual first account number 210, first expiration date, or first CVV2 value associated with the payment card of the consumer. Note that in some embodiments, the real account information such as the real account number may be displayed to the user (e.g., embossed on a card), but the second derived account information may not be visible or displayed to the user, but may be transmitted to the issuer instead of the real first account information.
An entity wishing to decode the actual first account number 210 for an account from the dynamically generated data (e.g., a server computer in a payment processing network or at an issuer), would typically need to know how the dynamic account number 280, dynamic expiration date 270, and dynamic CVV2 field 260 were created in order to extract the actual information out of the dynamic fields. An entity that knows precisely how the dynamic data is generated could undo the transformation to extract the actual first account number 210, but any entity that did not know how this information was assembled would not be able to extract useable account data out of the dynamic data. Furthermore, the dynamic data could regularly change for each use of the account number, based on how the other information 220 changed.
The embodiment illustrated in
The processes described above may be implemented by a processor in a portable consumer device (e.g., a payment card), access device, or any other device involved in a transaction. The steps of the methods that are described above may be carried out by a processor executing computer-executable code residing on a computer-readable medium in any one of these devices.
I. Exemplary SystemsA system according to an embodiment of the invention is shown in
As used herein, an “issuer” is typically a business entity (e.g., a bank) which maintains financial accounts for the user and often issues a portable consumer device such as a credit or debit card to the user. A “merchant” is typically an entity that engages in transactions and can sell goods or services. An “acquirer” is typically a business entity (e.g., a commercial bank) that has a business relationship with a particular merchant or other entity. Some entities can perform both issuer and acquirer functions. Embodiments of the invention encompass such single entity issuer-acquirers.
In
The consumer devices according to embodiments of the invention may be in any suitable form. In some embodiments, the consumer devices are portable in nature and may be portable consumer devices. Suitable portable consumer devices can be hand-held and compact so that they can fit into a user's wallet and/or pocket (e.g., pocket-sized). They may include smart cards, ordinary credit or debit cards (with a magnetic strip and without a microprocessor), keychain devices (such as the Speedpass™ commercially available from Exxon-Mobil Corp.), etc. Other examples of portable consumer devices include cellular phones, personal digital assistants (PDAs), pagers, payment cards, security cards, access cards, smart media, transponders, and the like. The portable consumer devices can also be debit devices (e.g., a debit card), credit devices (e.g., a credit card), or stored value devices (e.g., a stored value card).
Each consumer device may comprise a body, and a memory comprising a computer readable medium disposed on or within the body. In addition, the consumer device may also include a processor coupled to the memory, where greater functionality and/or security are desired. The computer readable medium may comprise code, executable by a processor, for implementing a method comprising: encrypting, using a processor, a portion of a first account number to form an encrypted portion, the first account number being associated with a first expiration date and a first verification value; and determining a second expiration date or a second verification value using a segment of the encrypted portion.
The payment processing network 26 may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary payment processing network may include VisaNet™. Payment processing networks such as VisaNet™ are able to process credit card transactions, debit card transactions, and other types of commercial transactions. VisaNet™, in particular, includes a VIP system (Visa Integrated Payments system) which processes authorization requests and a Base II system which performs clearing and settlement services.
Referring to
The server computer 26(a) in the payment processing network 26 may comprise code, executable by a processor, for implementing a method comprising: receiving an initial authorization request message comprising a second account number, and at least one of a second expiration date and a second verification value; determining, using a server computer, a first account number, a first expiration date, and a first verification value from the second account number; and sending a modified authorization request message to an issuer, wherein the modified authorization request message comprises the first account number, the first expiration date, and the first verification value, wherein the first verification value is different than the second verification value and the first expiration date is different than the second expiration date.
The database 26(b) may store any suitable type of information. Suitable information that may be stored in the database 26(b) may include a lookup table linking first expiration dates with first encrypted portion segments, as well as other information.
The server computer 26(a) may also comprise a number of functional modules and data elements. They may include encryption keys 26(a)-1, a decryption module 26(a)-2, and a payment processing module 26(a)-3. Each of these modules may comprise any suitable combination of hardware and/or software to accomplish the functions described herein.
The payment processing module 26(a)-3 may comprise appropriate logic to process electronic payments. For example, the payment processing module 26(a)-3 may include an authorization sub-module for receiving and passing authorization request messages to appropriate issuers for approval. It may also include a clearing and settlement sub-module for clearing and settling transactions between different issuers and acquirers.
Referring again to
If the access device 34 is a point of sale terminal, any suitable point of sale terminal may be used including card readers. The card readers may include any suitable contact or contactless mode of operation. For example, exemplary card readers can include RF (radio frequency) antennas, magnetic stripe readers, etc. to interact with the portable consumer devices 32.
II. Exemplary MethodsMethods according to embodiments of the invention can be described with reference to
Referring to
In a typical in person purchase transaction, the user 30 purchases a good or service at the merchant 22 using a portable consumer device such as portable consumer device A 32-1, which may be in the form of a credit card, or portable consumer device B 32-2, which may be in the form of a phone. For instance, the user's portable consumer device A 32-a can interact with an access device 34 such as a POS (point of sale) terminal at the merchant 22. For example, the user 30 may take the credit card and may swipe it through an appropriate slot in the POS terminal. Alternatively, the POS terminal may be a contactless reader, and the portable consumer device B 32-2 may be a contactless device such as a contactless card.
In a typical Internet transaction, the user 30 may use his consumer device C 32-3 and may contact the Web site of the merchant 22 via the Internet 72. The user 30 may select goods for purchase and may enter information onto the Web site including payment card information. As described above, the merchant 22 may then request authorization of the transaction from the issuer 28, and a clearing and settlement process may be performed after the authorization process is performed.
Before an authorization request message is forwarded to the acquirer 24, a processor in any of the consumer devices A 32-1, B 32-2, or C 32-3, or in the access device 34, can determine the second account information from the real first account information (as described above). This second account information may include a second account number, a second expiration date, and a second verification value such as a second CVV2 value. This second account information may be derived from a real first account number (step 502).
After the second account information is determined, an authorization request message is then forwarded to the acquirer 24 (step 504).
After receiving the authorization request message (step 506), the authorization request message is then sent to the payment processing network 26. The server computer 26(a) in the payment processing network 26 then determines that the received second account number is not the user's real account information after analyzing the signal segment in the second account number. It then determines the first account number, the expiration date, and the verification value associated with the received second account information. It can use the decryption module 26(a)-2 and an appropriate key or keys 26(a)-1 to do this (step 508). After the server computer 26(a) determines the real first account information, the payment processing network 26 (or the server computer located therein) then generates a modified authorization request message including the first account information and then forwards it to the issuer 28 for approval if it does not make the authorization decision (step 510).
After the issuer 28 receives the authorization request message, the issuer 28 then responds with an authorization response message indicating whether or not the transaction is authorized, and the authorization response message is received at the payment processing network 26 and is forwarded back to the acquirer 24 (steps 512 and 514). The acquirer 24 then sends the response message back to the merchant 22.
After the merchant 22 receives the authorization response message, the access device 34 at the merchant 22 may then provide the authorization response message for the consumer 30. The response message may be displayed by the access device 34, or may be printed out on a receipt.
At the end of the day, a normal clearing and settlement process can be conducted by the transaction processing system 26. A clearing process is a process of exchanging financial details between and acquirer and an issuer to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position. Clearing and settlement can occur simultaneously.
The various participants and elements may operate one or more computer apparatuses to facilitate the functions described herein. Examples of such subsystems or components are shown in
A consumer device may be in any suitable form. For example, suitable consumer devices can be hand-held and compact so that they can fit into a consumer's wallet and/or pocket (e.g., pocket-sized). They may include smart cards, ordinary credit or debit cards (with a magnetic strip and without a microprocessor), keychain devices (such as the Speedpass™ commercially available from Exxon-Mobil Corp.), etc. Other examples of consumer devices include cellular phones (e.g., the phone 34 described above), personal digital assistants (PDAs), pagers, payment cards, security cards, access cards, smart media, transponders, and the like. The consumer devices can also be debit devices (e.g., a debit card), credit devices (e.g., a credit card), or stored value devices (e.g., a stored value card). Other consumer devices may include personal computers, laptops, or other devices capable of communicating over the internet.
An exemplary consumer device 32′ in the form of a phone may comprise a computer readable medium and a body as shown in
Information in the memory may also be in the form of data tracks that are traditionally associated with credits cards. Such tracks include Track 1 and Track 2. Track 1 (“International Air Transport Association”) stores more information than Track 2, and contains the cardholder's name as well as account number and other discretionary data. This track is sometimes used by the airlines when securing reservations with a credit card. Track 2 (“American Banking Association”) is currently most commonly used. This is the track that is read by ATMs and credit card checkers. The ABA (American Banking Association) designed the specifications of this track and all world banks must abide by it. It contains the cardholder's account, encrypted PIN, plus other discretionary data.
The consumer device 32 may further include a contactless element 32(g), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer (e.g., data transmission) element, such as an antenna. Contactless element 32(g) is associated with (e.g., embedded within) consumer device 32 and data or control instructions transmitted via a cellular network may be applied to contactless element 32(g) by means of a contactless element interface (not shown). The contactless element interface functions to permit the exchange of data and/or control instructions between the mobile device circuitry (and hence the cellular network) and an optional contactless element 32(g).
Contactless element 32(g) is capable of transferring and receiving data using a near field communications (“NFC”) capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443/NFC). Near field communications capability is a short-range communications capability, such as RFID, Bluetooth™, infra-red, or other data transfer capability that can be used to exchange data between the consumer device 32 and an interrogation device. Thus, the consumer device 32 is capable of communicating and transferring data and/or control instructions via both cellular network and near field communications capability.
The consumer device 32 may also include a processor 32(c) (e.g., a microprocessor) for processing the functions of the consumer device 32 and a display 32(d) to allow a consumer to see phone numbers and other information and messages. The consumer device 32 may further include input elements 32(e) to allow a consumer to input information into the device, a speaker 32(f) to allow the consumer to hear voice communication, music, etc., and a microphone 32(i) to allow the consumer to transmit her voice through the consumer device 32. The consumer device 32 may also include an antenna 32(a) for wireless data transfer (e.g., data transmission).
If the consumer device is in the form of a debit, credit, or smartcard, the consumer device may also optionally have features such as magnetic strips. Such devices can operate in either a contact or contactless mode.
An example of a consumer device 32″ in the form of a card is shown in
As shown in
Embodiments of the invention are not limited to the above-described embodiments. For example, although separate functional blocks are shown for an issuer, payment processing system, and acquirer, some entities perform all of these functions and may be included in embodiments of invention.
It should be understood that the present invention as described above can be implemented in the form of control logic using computer software in a modular or integrated manner. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will know and appreciate other ways and/or methods to implement the present invention using hardware and a combination of hardware and software
Any of the software components or functions described in this application, may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C++ or Perl using, for example, conventional or object-oriented techniques. The software code may be stored as a series of instructions, or commands on a computer readable medium, such as a random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer readable medium may reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
The above description is illustrative and is not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the pending claims along with their full scope or equivalents.
One or more features from any embodiment may be combined with one or more features of any other embodiment without departing from the scope of the invention.
A recitation of “a”, “an” or “the” is intended to mean “one or more” unless specifically indicated to the contrary.
All patents, patent applications, publications, appendixes, and descriptions mentioned above are herein incorporated by reference in their entirety for all purposes. None is admitted to be prior art.
Claims
1. A method, comprising:
- receiving, using a server computer, an initial authorization request message comprising a second account number, a second expiration date and a second verification value, the second account number, the second expiration date and the second verification value being utilized in place of a first account number, a first expiration date and a first verification value, the initial authorization request message being part of a transaction with respect to an account corresponding to the first account number, the second account number determined based at least in part on a first segment of an encrypted account number portion and a remaining portion of the first account number, the encrypted account number portion being formed at least in part by encrypting a first portion of the first account number, the first portion having less digits than the whole first account number, the remaining portion corresponding to an unencrypted portion of the first account number, the second expiration date determined based at least in part on a second segment of the encrypted account number portion, the second verification value determined based at least in part on a third segment of the encrypted account number portion;
- determining the first account number, the first expiration date and the first verification value based at least in part on the second account number, the second expiration date and the second verification value; and
- sending a modified authorization request message to an issuer, wherein the modified authorization request message comprises the first account number, the first expiration date, and the first verification value;
- wherein (i) each segment of the encrypted account number portion contains less information than the whole encrypted account number portion and (ii) the first segment, the second segment and the third segment of the encrypted account number portion collectively contain all the information in the whole encrypted account number portion.
2. The method of claim 1, wherein determining the second expiration date comprises determining the second expiration date at least in part by mapping the second segment of the encrypted account number portion to a date.
3. The method of claim 1, wherein the second account number comprises a signal segment, the third segment of the encrypted account number portion, and an unencrypted portion of the first account number, the signal segment of the second account number indicating that the second account number includes an encrypted portion.
4. The method of claim 1, wherein the unencrypted portion of the first account number is incorporated into the second account number.
5. The method of claim 1, wherein the second account number comprises a signal segment, which informs the server computer to generate the modified authorization request message.
6. The method of claim 1, wherein the first account number, the first expiration date, and the first verification value are associated with a debit or credit card.
7. The method of claim 1, wherein determining the first account number, the first expiration date and the first verification value based at least in part on the second account number, the second expiration date and the second verification value comprises undoing one or more operations utilized to determine the second account number, the second expiration date and the second verification value based at least in part on the first account number, the first expiration date and the first verification value.
8. A non-transitory computer readable medium comprising code, executable by at least one processor, for implementing a method comprising:
- receiving, using a server computer, an initial authorization request message comprising a second account number, a second expiration date and a second verification value, the second account number, the second expiration date and the second verification value being utilized in place of a first account number, a first expiration date and a first verification value, the initial authorization request message being part of a transaction with respect to an account corresponding to the first account number, the second account number determined based at least in part on a first segment of an encrypted account number portion and a remaining portion of the first account number, the encrypted account number portion being formed at least in part by encrypting a first portion of the first account number, the first portion having less digits than the whole first account number, the remaining portion corresponding to an unencrypted portion of the first account number, the second expiration date determined based at least in part on a second segment of the encrypted account number portion, the second verification value determined based at least in part on a third segment of the encrypted account number portion;
- determining the first account number, the first expiration date and the first verification value based at least in part on the second account number, the second expiration date and the second verification value; and
- sending a modified authorization request message to an issuer, wherein the modified authorization request message comprises the first account number, the first expiration date, and the first verification value;
- wherein (i) each segment of the encrypted account number portion contains less information than the whole encrypted account number portion and (ii) the first segment, the second segment and the third segment of the encrypted account number portion collectively contain all the information in the whole encrypted account number portion.
9. The non-transitory computer readable medium of claim 8, wherein determining the second expiration date comprises determining the second expiration date at least in part by mapping the second segment of the encrypted account number portion to a date.
10. The non-transitory computer readable medium of claim 8, wherein the second account number comprises a signal segment, the third segment of the encrypted account number portion, and an unencrypted portion of the first account number, the signal segment of the second account number indicating that the second account number includes an encrypted portion.
11. The non-transitory computer readable medium of claim 8, wherein the unencrypted portion of the first account number is incorporated into the second account number.
12. The non-transitory computer readable medium of claim 8, wherein the second account number comprises a signal segment, which informs the server computer to generate the modified authorization request message.
13. The non-transitory computer readable medium of claim 8, wherein the first account number, the first expiration date, and the first verification value are associated with a debit or credit card.
14. The non-transitory computer readable medium of claim 8, wherein determining the first account number, the first expiration date and the first verification value based at least in part on the second account number, the second expiration date and the second verification value comprises undoing one or more operations utilized to determine the second account number, the second expiration date and the second verification value based at least in part on the first account number, the first expiration date and the first verification value.
15. A computer apparatus comprising:
- at least one processor; and
- at least one non-transitory computer readable medium communicatively coupled with the at least one processor and collectively having stored thereon code, executable by the at least one processor, that configures the computer apparatus to, at least: receive an initial authorization request message comprising a second account number, a second expiration date and a second verification value, the second account number, the second expiration date and the second verification value being utilized in place of a first account number, a first expiration date and a first verification value, the initial authorization request message being part of a transaction with respect to an account corresponding to the first account number, the second account number determined based at least in part on a first segment of an encrypted account number portion and a remaining portion of the first account number, the encrypted account number portion being formed at least in part by encrypting a first portion of the first account number, the first portion having less digits than the whole first account number, the remaining portion corresponding to an unencrypted portion of the first account number, the second expiration date determined based at least in part on a second segment of the encrypted account number portion, the second verification value determined based at least in part on a third segment of the encrypted account number portion; determine the first account number, the first expiration date and the first verification value based at least in part on the second account number, the second expiration date and the second verification value; and send a modified authorization request message to an issuer, wherein the modified authorization request message comprises the first account number, the first expiration date, and the first verification value;
- wherein (i) each segment of the encrypted account number portion contains less information than the whole encrypted account number portion and (ii) the first segment, the second segment and the third segment of the encrypted account number portion collectively contain all the information in the whole encrypted account number portion.
16. The computer apparatus of claim 15, wherein determining the second expiration date comprises determining the second expiration date at least in part by mapping the second segment of the encrypted account number portion to a date.
17. The computer apparatus of claim 15, wherein the second account number comprises a signal segment, the third segment of the encrypted account number portion, and an unencrypted portion of the first account number, the signal segment of the second account number indicating that the second account number includes an encrypted portion.
18. The computer apparatus of claim 15, wherein the unencrypted portion of the first account number is incorporated into the second account number.
19. The computer apparatus of claim 15, wherein the first account number, the first expiration date, and the first verification value are associated with a debit or credit card.
20. The computer apparatus of claim 15, wherein determining the first account number, the first expiration date and the first verification value based at least in part on the second account number, the second expiration date and the second verification value comprises undoing one or more operations utilized to determine the second account number, the second expiration date and the second verification value based at least in part on the first account number, the first expiration date and the first verification value.
5280527 | January 18, 1994 | Gullman |
5613012 | March 18, 1997 | Hoffman |
5781438 | July 14, 1998 | Lee |
5883810 | March 16, 1999 | Franklin |
5930767 | July 27, 1999 | Reber |
5953710 | September 14, 1999 | Fleming |
5956699 | September 21, 1999 | Wong et al. |
6000832 | December 14, 1999 | Franklin |
6014635 | January 11, 2000 | Harris |
6044360 | March 28, 2000 | Picciallo |
6070154 | May 30, 2000 | Tavor et al. |
6163771 | December 19, 2000 | Walker |
6227447 | May 8, 2001 | Campisano |
6236981 | May 22, 2001 | Hill |
6267292 | July 31, 2001 | Walker |
6327578 | December 4, 2001 | Linehan |
6341724 | January 29, 2002 | Campisano |
6385596 | May 7, 2002 | Wiser |
6422462 | July 23, 2002 | Cohen |
6425523 | July 30, 2002 | Shem Ur Jonathan |
6453301 | September 17, 2002 | Niwa |
6484182 | November 19, 2002 | Dunphy |
6592044 | July 15, 2003 | Wong |
6636833 | October 21, 2003 | Flitcroft |
6748367 | June 8, 2004 | Lee |
6805287 | October 19, 2004 | Bishop |
6879965 | April 12, 2005 | Fung |
6891953 | May 10, 2005 | DeMello |
6901387 | May 31, 2005 | Wells |
6931382 | August 16, 2005 | Laage |
6938019 | August 30, 2005 | Uzo |
6941285 | September 6, 2005 | Sarcanin |
6980670 | December 27, 2005 | Hoffman |
6990470 | January 24, 2006 | Hogan |
6991157 | January 31, 2006 | Bishop |
7051929 | May 30, 2006 | Li |
7069249 | June 27, 2006 | Stolfo |
7103576 | September 5, 2006 | Mann, III |
7113930 | September 26, 2006 | Eccles |
7136835 | November 14, 2006 | Flitcroft |
7177835 | February 13, 2007 | Walker |
7177848 | February 13, 2007 | Hogan |
7194437 | March 20, 2007 | Britto |
7209561 | April 24, 2007 | Shankar et al. |
7212635 | May 1, 2007 | Nishikawa et al. |
7264154 | September 4, 2007 | Harris |
7287692 | October 30, 2007 | Patel |
7292999 | November 6, 2007 | Hobson |
7350230 | March 25, 2008 | Forrest |
7353382 | April 1, 2008 | Labrou |
7379919 | May 27, 2008 | Hogan |
RE40444 | July 29, 2008 | Linehan |
7415443 | August 19, 2008 | Hobson |
7444676 | October 28, 2008 | Asghari-Kamrani |
7469151 | December 23, 2008 | Khan |
7548889 | June 16, 2009 | Bhambri |
7567934 | July 28, 2009 | Flitcroft |
7567936 | July 28, 2009 | Peckover |
7571139 | August 4, 2009 | Giordano |
7571142 | August 4, 2009 | Flitcroft |
7580898 | August 25, 2009 | Brown |
7584153 | September 1, 2009 | Brown |
7587502 | September 8, 2009 | Crawford |
7593896 | September 22, 2009 | Flitcroft |
7606560 | October 20, 2009 | Labrou |
7627531 | December 1, 2009 | Breck |
7627895 | December 1, 2009 | Gifford |
7631804 | December 15, 2009 | Brown |
7650314 | January 19, 2010 | Saunders |
7658324 | February 9, 2010 | Gindele |
7685037 | March 23, 2010 | Reiners |
7702578 | April 20, 2010 | Fung |
7707120 | April 27, 2010 | Dominguez |
7711586 | May 4, 2010 | Aggarwal |
7712655 | May 11, 2010 | Wong |
7734527 | June 8, 2010 | Uzo |
7753265 | July 13, 2010 | Harris |
7770789 | August 10, 2010 | Oder, Ii |
7784685 | August 31, 2010 | Hopkins, Iii |
7793851 | September 14, 2010 | Mullen |
7801826 | September 21, 2010 | Labrou |
7805376 | September 28, 2010 | Smith |
7805378 | September 28, 2010 | Berardi |
7818264 | October 19, 2010 | Hammad |
7828220 | November 9, 2010 | Mullen |
7835960 | November 16, 2010 | Breck |
7841523 | November 30, 2010 | Oder |
7841539 | November 30, 2010 | Hewton |
7844550 | November 30, 2010 | Walker |
7848980 | December 7, 2010 | Carlson |
7849020 | December 7, 2010 | Johnson |
7853529 | December 14, 2010 | Walker |
7853995 | December 14, 2010 | Chow |
7865414 | January 4, 2011 | Fung |
7873579 | January 18, 2011 | Hobson |
7873580 | January 18, 2011 | Hobson |
7890393 | February 15, 2011 | Talbert |
7891563 | February 22, 2011 | Oder, Ii |
7896238 | March 1, 2011 | Fein |
7899753 | March 1, 2011 | Everhart |
7908216 | March 15, 2011 | Davis et al. |
7922082 | April 12, 2011 | Muscato |
7931195 | April 26, 2011 | Mullen |
7937324 | May 3, 2011 | Patterson |
7938318 | May 10, 2011 | Fein |
7954705 | June 7, 2011 | Mullen |
7959076 | June 14, 2011 | Hopkins, Iii |
7996288 | August 9, 2011 | Stolfo |
8025223 | September 27, 2011 | Saunders |
8046256 | October 25, 2011 | Chien |
8060448 | November 15, 2011 | Jones |
8060449 | November 15, 2011 | Zhu |
8074877 | December 13, 2011 | Mullen |
8074879 | December 13, 2011 | Harris |
8082210 | December 20, 2011 | Hansen |
8095113 | January 10, 2012 | Kean et al. |
8104679 | January 31, 2012 | Brown |
RE43157 | February 7, 2012 | Bishop |
8109436 | February 7, 2012 | Hopkins, Iii |
8121942 | February 21, 2012 | Carlson |
8121956 | February 21, 2012 | Carlson |
8126449 | February 28, 2012 | Beenau |
8132723 | March 13, 2012 | Hogg et al. |
8171525 | May 1, 2012 | Pelly |
8175973 | May 8, 2012 | Davis et al. |
8190523 | May 29, 2012 | Patterson |
8196813 | June 12, 2012 | Vadhri, Sr. |
8205791 | June 26, 2012 | Randazza |
8219489 | July 10, 2012 | Patterson |
8224702 | July 17, 2012 | Mengerink |
8225385 | July 17, 2012 | Chow |
8229852 | July 24, 2012 | Carlson |
8265993 | September 11, 2012 | Chien |
8280777 | October 2, 2012 | Mengerink |
8281991 | October 9, 2012 | Wentker et al. |
8328095 | December 11, 2012 | Oder, Ii |
8336088 | December 18, 2012 | Raj et al. |
8346666 | January 1, 2013 | Lindelsee et al. |
8376225 | February 19, 2013 | Hopkins, Iii |
8380177 | February 19, 2013 | Laracey |
8387873 | March 5, 2013 | Saunders |
8401539 | March 19, 2013 | Beenau |
8401898 | March 19, 2013 | Chien |
8402555 | March 19, 2013 | Grecia |
8403211 | March 26, 2013 | Brooks |
8412623 | April 2, 2013 | Moon |
8412837 | April 2, 2013 | Emigh |
8417642 | April 9, 2013 | Oren |
8447699 | May 21, 2013 | Batada |
8453223 | May 28, 2013 | Svigals |
8453925 | June 4, 2013 | Fisher |
8458487 | June 4, 2013 | Palgon |
8484134 | July 9, 2013 | Hobson |
8485437 | July 16, 2013 | Mullen |
8494959 | July 23, 2013 | Hathaway |
8498908 | July 30, 2013 | Mengerink |
8504475 | August 6, 2013 | Brand et al. |
8504478 | August 6, 2013 | Saunders |
8510816 | August 13, 2013 | Quach |
8433116 | April 30, 2013 | Davis et al. |
8528067 | September 3, 2013 | Hurry et al. |
8533860 | September 10, 2013 | Grecia |
8538845 | September 17, 2013 | Liberty |
8555079 | October 8, 2013 | Shablygin |
8566168 | October 22, 2013 | Bierbaum |
8567670 | October 29, 2013 | Stanfield |
8571939 | October 29, 2013 | Lindsey |
8577336 | November 5, 2013 | Mechaley, Jr. |
8577803 | November 5, 2013 | Chatterjee |
8577813 | November 5, 2013 | Weiss |
8578176 | November 5, 2013 | Mattsson |
8583494 | November 12, 2013 | Fisher |
8584251 | November 12, 2013 | Mcguire |
8589237 | November 19, 2013 | Fisher |
8589271 | November 19, 2013 | Evans |
8589291 | November 19, 2013 | Carlson |
8595098 | November 26, 2013 | Starai |
8595812 | November 26, 2013 | Bomar |
8595850 | November 26, 2013 | Spies |
8606638 | December 10, 2013 | Dragt |
8606700 | December 10, 2013 | Carlson |
8606720 | December 10, 2013 | Baker |
8615468 | December 24, 2013 | Varadarajan |
8620754 | December 31, 2013 | Fisher |
8635157 | January 21, 2014 | Smith |
8646059 | February 4, 2014 | Von Behren |
8651374 | February 18, 2014 | Brabson |
8656180 | February 18, 2014 | Shablygin |
8751391 | June 10, 2014 | Freund |
8762263 | June 24, 2014 | Gauthier et al. |
8769275 | July 1, 2014 | von Mueller et al. |
8793186 | July 29, 2014 | Patterson |
8838982 | September 16, 2014 | Carlson et al. |
8856539 | October 7, 2014 | Weiss |
8887308 | November 11, 2014 | Grecia |
9065643 | June 23, 2015 | Hurry et al. |
9070129 | June 30, 2015 | Sheets et al. |
9100826 | August 4, 2015 | Weiss |
9160741 | October 13, 2015 | Wentker et al. |
9229964 | January 5, 2016 | Stevelinck |
9245267 | January 26, 2016 | Singh |
9249241 | February 2, 2016 | Dai et al. |
9256871 | February 9, 2016 | Anderson et al. |
9280765 | March 8, 2016 | Hammad |
9530137 | December 27, 2016 | Weiss |
9680942 | June 13, 2017 | Dimmick |
10140598 | November 27, 2018 | Faith et al. |
20010029485 | October 11, 2001 | Brody |
20010034720 | October 25, 2001 | Armes |
20010054003 | December 20, 2001 | Chien |
20020007320 | January 17, 2002 | Hogan |
20020016749 | February 7, 2002 | Borecki |
20020029193 | March 7, 2002 | Ranjan |
20020035548 | March 21, 2002 | Hogan |
20020073045 | June 13, 2002 | Rubin |
20020116341 | August 22, 2002 | Hogan |
20020133467 | September 19, 2002 | Hobson |
20020147913 | October 10, 2002 | Lun Yip |
20030028481 | February 6, 2003 | Flitcroft |
20030080183 | May 1, 2003 | Rajasekaran et al. |
20030130955 | July 10, 2003 | Hawthorne |
20030191709 | October 9, 2003 | Elston |
20030191945 | October 9, 2003 | Keech |
20030208450 | November 6, 2003 | Nunez Benito et al. |
20040010462 | January 15, 2004 | Moon |
20040050928 | March 18, 2004 | Bishop |
20040059682 | March 25, 2004 | Hasumi |
20040093281 | May 13, 2004 | Silverstein |
20040139008 | July 15, 2004 | Mascavage |
20040143532 | July 22, 2004 | Lee |
20040158532 | August 12, 2004 | Breck |
20040210449 | October 21, 2004 | Breck |
20040210498 | October 21, 2004 | Freund |
20040232225 | November 25, 2004 | Bishop |
20040236632 | November 25, 2004 | Maritzen |
20040260646 | December 23, 2004 | Berardi |
20050037735 | February 17, 2005 | Coutts |
20050080730 | April 14, 2005 | Sorrentino |
20050108178 | May 19, 2005 | York |
20050199709 | September 15, 2005 | Linlor |
20050246293 | November 3, 2005 | Ong |
20050269401 | December 8, 2005 | Spitzer |
20050269402 | December 8, 2005 | Spitzer |
20060124756 | June 15, 2006 | Brown |
20060161435 | July 20, 2006 | Atef et al. |
20060235795 | October 19, 2006 | Johnson |
20060237528 | October 26, 2006 | Bishop |
20060278704 | December 14, 2006 | Saunders |
20070055630 | March 8, 2007 | Gauthier et al. |
20070100754 | May 3, 2007 | Brown |
20070107044 | May 10, 2007 | Yuen |
20070129955 | June 7, 2007 | Dalmia |
20070136193 | June 14, 2007 | Starr |
20070136211 | June 14, 2007 | Brown |
20070170247 | July 26, 2007 | Friedman |
20070179885 | August 2, 2007 | Bird |
20070194104 | August 23, 2007 | Fukuda |
20070208671 | September 6, 2007 | Brown |
20070245414 | October 18, 2007 | Chan |
20070255657 | November 1, 2007 | Brown |
20070276765 | November 29, 2007 | Hazel et al. |
20070288377 | December 13, 2007 | Shaked |
20070291995 | December 20, 2007 | Rivera |
20070294182 | December 20, 2007 | Hammad |
20080005037 | January 3, 2008 | Hammad et al. |
20080015988 | January 17, 2008 | Brown |
20080017712 | January 24, 2008 | Hart et al. |
20080029593 | February 7, 2008 | Hammad et al. |
20080029607 | February 7, 2008 | Mullen |
20080034221 | February 7, 2008 | Hammad et al. |
20080035738 | February 14, 2008 | Mullen |
20080040271 | February 14, 2008 | Hammad et al. |
20080040276 | February 14, 2008 | Hammad et al. |
20080040284 | February 14, 2008 | Hazel et al. |
20080052226 | February 28, 2008 | Agarwal |
20080054068 | March 6, 2008 | Mullen |
20080054079 | March 6, 2008 | Mullen |
20080054081 | March 6, 2008 | Mullen |
20080065553 | March 13, 2008 | Faith et al. |
20080065554 | March 13, 2008 | Hogan |
20080065555 | March 13, 2008 | Mullen |
20080071681 | March 20, 2008 | Khalid |
20080091617 | April 17, 2008 | Hazel et al. |
20080091944 | April 17, 2008 | von Mueller |
20080103982 | May 1, 2008 | Hammad et al. |
20080189214 | August 7, 2008 | Mueller et al. |
20080201264 | August 21, 2008 | Brown |
20080201265 | August 21, 2008 | Hewton |
20080228646 | September 18, 2008 | Myers |
20080243702 | October 2, 2008 | Hart |
20080245855 | October 9, 2008 | Fein |
20080245861 | October 9, 2008 | Fein |
20080283591 | November 20, 2008 | Oder, II |
20080302869 | December 11, 2008 | Mullen |
20080302876 | December 11, 2008 | Mullen |
20080313264 | December 18, 2008 | Pestoni |
20080319901 | December 25, 2008 | Brown |
20090006262 | January 1, 2009 | Brown et al. |
20090010488 | January 8, 2009 | Matsuoka |
20090037333 | February 5, 2009 | Flitcroft |
20090037388 | February 5, 2009 | Cooper et al. |
20090043702 | February 12, 2009 | Bennett |
20090048953 | February 19, 2009 | Hazel et al. |
20090048971 | February 19, 2009 | Hathaway |
20090060199 | March 5, 2009 | Von Mueller et al. |
20090063345 | March 5, 2009 | Erikson |
20090070583 | March 12, 2009 | Von Mueller et al. |
20090076938 | March 19, 2009 | Patterson |
20090106112 | April 23, 2009 | Dalmia |
20090106160 | April 23, 2009 | Skowronek |
20090134217 | May 28, 2009 | Flitcroft |
20090157555 | June 18, 2009 | Biffle |
20090159673 | June 25, 2009 | Mullen |
20090159700 | June 25, 2009 | Mullen |
20090159707 | June 25, 2009 | Mullen |
20090164381 | June 25, 2009 | Brown |
20090173782 | July 9, 2009 | Muscato |
20090200371 | August 13, 2009 | Kean et al. |
20090248583 | October 1, 2009 | Chhabra |
20090276347 | November 5, 2009 | Kargman |
20090281948 | November 12, 2009 | Carlson |
20090294527 | December 3, 2009 | Brabson |
20090307139 | December 10, 2009 | Mardikar |
20090308921 | December 17, 2009 | Mullen |
20090327131 | December 31, 2009 | Beenau |
20100008535 | January 14, 2010 | Abulafia |
20100027786 | February 4, 2010 | Faith et al. |
20100088237 | April 8, 2010 | Wankmueller |
20100094755 | April 15, 2010 | Kloster |
20100106644 | April 29, 2010 | Annan |
20100120408 | May 13, 2010 | Beenau |
20100127083 | May 27, 2010 | Brown et al. |
20100133334 | June 3, 2010 | Vadhri |
20100138347 | June 3, 2010 | Chen |
20100145860 | June 10, 2010 | Pelegero |
20100161433 | June 24, 2010 | White |
20100179909 | July 15, 2010 | Dana |
20100185545 | July 22, 2010 | Royyuru |
20100211505 | August 19, 2010 | Saunders |
20100223186 | September 2, 2010 | Hogan |
20100228668 | September 9, 2010 | Hogan |
20100235284 | September 16, 2010 | Moore |
20100258620 | October 14, 2010 | Torreyson |
20100291904 | November 18, 2010 | Musfeldt |
20100299267 | November 25, 2010 | Faith et al. |
20100306076 | December 2, 2010 | Taveau |
20100325041 | December 23, 2010 | Berardi |
20110010292 | January 13, 2011 | Giordano |
20110016047 | January 20, 2011 | Wu |
20110016320 | January 20, 2011 | Bergsten |
20110040640 | February 17, 2011 | Erikson |
20110047076 | February 24, 2011 | Carlson et al. |
20110083018 | April 7, 2011 | Kesanupalli |
20110087596 | April 14, 2011 | Dorsey |
20110093397 | April 21, 2011 | Carlson |
20110125597 | May 26, 2011 | Oder, Ii |
20110153437 | June 23, 2011 | Archer |
20110153498 | June 23, 2011 | Makhotin et al. |
20110154466 | June 23, 2011 | Harper |
20110161233 | June 30, 2011 | Tieken |
20110178926 | July 21, 2011 | Lindelsee et al. |
20110191244 | August 4, 2011 | Dai |
20110238511 | September 29, 2011 | Park |
20110238573 | September 29, 2011 | Varadarajan |
20110246317 | October 6, 2011 | Coppinger |
20110258111 | October 20, 2011 | Raj et al. |
20110272471 | November 10, 2011 | Mullen |
20110272478 | November 10, 2011 | Mullen |
20110276380 | November 10, 2011 | Mullen |
20110276381 | November 10, 2011 | Mullen |
20110276424 | November 10, 2011 | Mullen |
20110276425 | November 10, 2011 | Mullen |
20110295745 | December 1, 2011 | White |
20110302081 | December 8, 2011 | Saunders |
20120023567 | January 26, 2012 | Hammad |
20120028609 | February 2, 2012 | Hruska |
20120030047 | February 2, 2012 | Fuentes et al. |
20120035998 | February 9, 2012 | Chien |
20120041881 | February 16, 2012 | Basu |
20120047237 | February 23, 2012 | Arvidsson |
20120066078 | March 15, 2012 | Kingston |
20120072350 | March 22, 2012 | Goldthwaite |
20120078735 | March 29, 2012 | Bauer |
20120078798 | March 29, 2012 | Downing |
20120078799 | March 29, 2012 | Jackson |
20120095852 | April 19, 2012 | Bauer |
20120095865 | April 19, 2012 | Doherty |
20120116902 | May 10, 2012 | Cardina |
20120123882 | May 17, 2012 | Carlson |
20120123940 | May 17, 2012 | Killian |
20120129514 | May 24, 2012 | Beenau |
20120143754 | June 7, 2012 | Patel |
20120143767 | June 7, 2012 | Abadir |
20120143772 | June 7, 2012 | Abadir |
20120158580 | June 21, 2012 | Eram |
20120158593 | June 21, 2012 | Garfinkle |
20120173431 | July 5, 2012 | Ritchie |
20120185386 | July 19, 2012 | Salama |
20120197807 | August 2, 2012 | Schlesser |
20120203664 | August 9, 2012 | Torossian |
20120203666 | August 9, 2012 | Torossian |
20120215688 | August 23, 2012 | Musser |
20120215696 | August 23, 2012 | Salonen |
20120221421 | August 30, 2012 | Hammad |
20120226582 | September 6, 2012 | Hammad |
20120231844 | September 13, 2012 | Coppinger |
20120233004 | September 13, 2012 | Bercaw |
20120246070 | September 27, 2012 | Vadhri |
20120246071 | September 27, 2012 | Jain |
20120246079 | September 27, 2012 | Wilson et al. |
20120265631 | October 18, 2012 | Cronic |
20120271770 | October 25, 2012 | Harris |
20120297446 | November 22, 2012 | Webb |
20120300932 | November 29, 2012 | Cambridge |
20120303503 | November 29, 2012 | Cambridge |
20120303961 | November 29, 2012 | Kean |
20120304273 | November 29, 2012 | Bailey |
20120310725 | December 6, 2012 | Chien |
20120310831 | December 6, 2012 | Harris |
20120316992 | December 13, 2012 | Oborne |
20120317035 | December 13, 2012 | Royyuru |
20120317036 | December 13, 2012 | Bower |
20130017784 | January 17, 2013 | Fisher |
20130018757 | January 17, 2013 | Anderson et al. |
20130019098 | January 17, 2013 | Gupta |
20130031006 | January 31, 2013 | Mccullagh et al. |
20130054337 | February 28, 2013 | Brendell |
20130054466 | February 28, 2013 | Muscato |
20130054474 | February 28, 2013 | Yeager |
20130081122 | March 28, 2013 | Svigals |
20130091028 | April 11, 2013 | Oder, Ii |
20130110658 | May 2, 2013 | Lyman |
20130111599 | May 2, 2013 | Gargiulo |
20130117185 | May 9, 2013 | Collison |
20130124290 | May 16, 2013 | Fisher |
20130124291 | May 16, 2013 | Fisher |
20130124364 | May 16, 2013 | Mittal |
20130138525 | May 30, 2013 | Bercaw |
20130144888 | June 6, 2013 | Faith |
20130145148 | June 6, 2013 | Shablygin |
20130145172 | June 6, 2013 | Shablygin |
20130159178 | June 20, 2013 | Colon |
20130159184 | June 20, 2013 | Thaw |
20130166402 | June 27, 2013 | Parento |
20130166456 | June 27, 2013 | Zhang |
20130173736 | July 4, 2013 | Krzeminski |
20130185202 | July 18, 2013 | Goldthwaite |
20130191227 | July 25, 2013 | Pasa et al. |
20130191286 | July 25, 2013 | Cronic |
20130191289 | July 25, 2013 | Cronic |
20130198071 | August 1, 2013 | Jurss |
20130198080 | August 1, 2013 | Anderson et al. |
20130200146 | August 8, 2013 | Moghadam |
20130204787 | August 8, 2013 | Dubois |
20130204793 | August 8, 2013 | Kerridge |
20130212007 | August 15, 2013 | Mattsson |
20130212017 | August 15, 2013 | Bangia |
20130212019 | August 15, 2013 | Mattsson |
20130212024 | August 15, 2013 | Mattsson |
20130212026 | August 15, 2013 | Powell et al. |
20130212666 | August 15, 2013 | Mattsson |
20130218698 | August 22, 2013 | Moon |
20130218769 | August 22, 2013 | Pourfallah et al. |
20130226799 | August 29, 2013 | Raj |
20130226813 | August 29, 2013 | Voltz |
20130246199 | September 19, 2013 | Carlson |
20130246202 | September 19, 2013 | Tobin |
20130246203 | September 19, 2013 | Laracey |
20130246258 | September 19, 2013 | Dessert |
20130246259 | September 19, 2013 | Dessert |
20130246261 | September 19, 2013 | Purves et al. |
20130246267 | September 19, 2013 | Tobin |
20130254028 | September 26, 2013 | Salci |
20130254052 | September 26, 2013 | Royyuru |
20130254102 | September 26, 2013 | Royyuru |
20130254117 | September 26, 2013 | Von Mueller |
20130262296 | October 3, 2013 | Thomas |
20130262302 | October 3, 2013 | Lettow |
20130262315 | October 3, 2013 | Hruska |
20130262316 | October 3, 2013 | Hruska |
20130262317 | October 3, 2013 | Collinge |
20130275300 | October 17, 2013 | Killian |
20130275307 | October 17, 2013 | Khan |
20130275308 | October 17, 2013 | Paraskeva |
20130282502 | October 24, 2013 | Jooste |
20130282575 | October 24, 2013 | Mullen |
20130282588 | October 24, 2013 | Hruska |
20130297501 | November 7, 2013 | Monk et al. |
20130297504 | November 7, 2013 | Nwokolo |
20130297508 | November 7, 2013 | Belamant |
20130304649 | November 14, 2013 | Cronic |
20130308778 | November 21, 2013 | Fosmark |
20130311382 | November 21, 2013 | Fosmark |
20130317982 | November 28, 2013 | Mengerink |
20130332344 | December 12, 2013 | Weber |
20130339253 | December 19, 2013 | Sincai |
20130346305 | December 26, 2013 | Mendes |
20130346314 | December 26, 2013 | Mogollon |
20140007213 | January 2, 2014 | Sanin |
20140013106 | January 9, 2014 | Redpath |
20140013114 | January 9, 2014 | Redpath |
20140013452 | January 9, 2014 | Aissi et al. |
20140019352 | January 16, 2014 | Shrivastava |
20140025581 | January 23, 2014 | Calman |
20140025585 | January 23, 2014 | Calman |
20140025958 | January 23, 2014 | Calman |
20140032417 | January 30, 2014 | Mattsson |
20140032418 | January 30, 2014 | Weber |
20140040137 | February 6, 2014 | Carlson |
20140040139 | February 6, 2014 | Brudnicki |
20140040144 | February 6, 2014 | Plomske |
20140040145 | February 6, 2014 | Ozvat |
20140040148 | February 6, 2014 | Ozvat |
20140040628 | February 6, 2014 | Fort |
20140041018 | February 6, 2014 | Bomar |
20140046853 | February 13, 2014 | Spies |
20140047551 | February 13, 2014 | Nagasundaram et al. |
20140052532 | February 20, 2014 | Tsai |
20140052620 | February 20, 2014 | Rogers |
20140052637 | February 20, 2014 | Jooste |
20140068706 | March 6, 2014 | Aissi |
20140074637 | March 13, 2014 | Hammad |
20140108172 | April 17, 2014 | Weber et al. |
20140114857 | April 24, 2014 | Griggs et al. |
20140143137 | May 22, 2014 | Carlson |
20140164243 | June 12, 2014 | Aabye et al. |
20140188586 | July 3, 2014 | Carpenter et al. |
20140249945 | September 4, 2014 | Gauthier |
20140294701 | October 2, 2014 | Dai et al. |
20140297534 | October 2, 2014 | Patterson |
20140310183 | October 16, 2014 | Weber |
20140324690 | October 30, 2014 | Allen et al. |
20140330721 | November 6, 2014 | Wang |
20140330722 | November 6, 2014 | Laxminarayanan et al. |
20140331265 | November 6, 2014 | Mozell et al. |
20140337236 | November 13, 2014 | Wong et al. |
20140344153 | November 20, 2014 | Raj et al. |
20140372308 | December 18, 2014 | Sheets |
20150019443 | January 15, 2015 | Sheets et al. |
20150032625 | January 29, 2015 | Dill |
20150032626 | January 29, 2015 | Dill |
20150032627 | January 29, 2015 | Dill |
20150046338 | February 12, 2015 | Laxminarayanan |
20150046339 | February 12, 2015 | Wong et al. |
20150052064 | February 19, 2015 | Karpenko et al. |
20150081544 | March 19, 2015 | Schulz et al. |
20150088756 | March 26, 2015 | Makhotin et al. |
20150106239 | April 16, 2015 | Gaddam et al. |
20150112870 | April 23, 2015 | Nagasundaram et al. |
20150112871 | April 23, 2015 | Kumnick |
20150120472 | April 30, 2015 | Aabye et al. |
20150127529 | May 7, 2015 | Makhotin et al. |
20150127547 | May 7, 2015 | Powell et al. |
20150140960 | May 21, 2015 | Powell et al. |
20150142673 | May 21, 2015 | Nelsen et al. |
20150161597 | June 11, 2015 | Subramanian et al. |
20150178724 | June 25, 2015 | Ngo et al. |
20150180836 | June 25, 2015 | Wong et al. |
20150186864 | July 2, 2015 | Jones et al. |
20150193222 | July 9, 2015 | Pirzadeh et al. |
20150195133 | July 9, 2015 | Sheets et al. |
20150199679 | July 16, 2015 | Palanisamy et al. |
20150199689 | July 16, 2015 | Kumnick et al. |
20150220917 | August 6, 2015 | Aabye et al. |
20150269566 | September 24, 2015 | Gaddam et al. |
20150278799 | October 1, 2015 | Palanisamy |
20150287037 | October 8, 2015 | Salmon |
20150312038 | October 29, 2015 | Palanisamy |
20150319158 | November 5, 2015 | Kumnick |
20150332262 | November 19, 2015 | Lingappa |
20150356560 | December 10, 2015 | Shastry et al. |
20150363781 | December 17, 2015 | Badenhorst |
20160028550 | January 28, 2016 | Gaddam et al. |
20160036790 | February 4, 2016 | Shastry et al. |
20160042263 | February 11, 2016 | Gaddam et al. |
20160065370 | March 3, 2016 | Le Saint et al. |
20160092696 | March 31, 2016 | Guglani et al. |
20160092872 | March 31, 2016 | Prakash et al. |
20160092874 | March 31, 2016 | O'Regan |
20160103675 | April 14, 2016 | Aabye et al. |
20160119296 | April 28, 2016 | Laxminarayanan et al. |
20160132878 | May 12, 2016 | O'Regan |
20160140545 | May 19, 2016 | Flurscheim et al. |
20160148197 | May 26, 2016 | Dimmick |
20160148212 | May 26, 2016 | Dimmick |
20160171479 | June 16, 2016 | Prakash et al. |
20160173483 | June 16, 2016 | Wong et al. |
20160197725 | July 7, 2016 | Hammad |
20160210628 | July 21, 2016 | McGuire |
20160217461 | July 28, 2016 | Gaddam |
20160218875 | July 28, 2016 | Le Saint et al. |
20160224976 | August 4, 2016 | Basu |
20160224977 | August 4, 2016 | Sabba et al. |
20160232527 | August 11, 2016 | Patterson |
20160239842 | August 18, 2016 | Cash et al. |
20160269391 | September 15, 2016 | Gaddam |
20160308995 | October 20, 2016 | Youdale et al. |
20170046696 | February 16, 2017 | Powell et al. |
20170103387 | April 13, 2017 | Weber |
20170109745 | April 20, 2017 | Al-Bedaiwi |
20170186001 | June 29, 2017 | Reed et al. |
20170201520 | July 13, 2017 | Chandoor |
20170220818 | August 3, 2017 | Nagasundaram et al. |
20170228723 | August 10, 2017 | Taylor |
20170295155 | October 12, 2017 | Wong et al. |
20170364903 | December 21, 2017 | Lopez |
20180006821 | January 4, 2018 | Kinagi |
20180075081 | March 15, 2018 | Chipman |
20180247303 | August 30, 2018 | Raj |
20180262334 | September 13, 2018 | Hammad |
20180268405 | September 20, 2018 | Lopez |
20180324184 | November 8, 2018 | Kaja |
20180324584 | November 8, 2018 | Lopez |
1028401 | August 2000 | EP |
1921579 | May 2008 | EP |
2156397 | February 2010 | EP |
2000/014648 | March 2000 | WO |
2001035304 | May 2001 | WO |
2001035304 | May 2001 | WO |
2004/051585 | November 2003 | WO |
2004042536 | May 2004 | WO |
2005/001751 | June 2004 | WO |
2006113834 | October 2006 | WO |
2008059465 | May 2008 | WO |
2009032523 | March 2009 | WO |
2010078522 | July 2010 | WO |
2010135154 | November 2010 | WO |
2010135154 | February 2011 | WO |
2012068078 | May 2012 | WO |
2012098556 | July 2012 | WO |
2012142370 | October 2012 | WO |
2012167941 | December 2012 | WO |
2013048538 | April 2013 | WO |
2013056104 | April 2013 | WO |
2013119914 | August 2013 | WO |
2013179271 | December 2013 | WO |
- Sahut, J. (2008). Internet payment and banks. International Journal of Business, 13(4), 361-376. Retrieved on Jan. 1, 2021. Retrieved from <https://dialog.proquest.corn/professional/docview/198165394?accountid=131444>. (Year: 2008).
- American Bankers Association “The Bank Credit Card Business”, Second Edition, Washington, D.C, 1996.
- U.S. Appl. No. 12/778,638 , “Final Office Action”, dated May 20, 2015, 10 pages.
- U.S. Appl. No. 12/778,638 , “Final Office Action”, dated Aug. 16, 2013, 18 pages.
- U.S. Appl. No. 12/778,638 , “Non-Final Office Action”, dated Oct. 3, 2014, 10 pages.
- U.S. Appl. No. 12/778,638 , “Non-Final Office Action”, dated Mar. 16, 2012, 17 pages.
- U.S. Appl. No. 12/778,638 , “Notice of Allowance”, dated Jul. 25, 2018, 9 pages.
- PCT/US2010/034763 , “International Search Report and Written Opinion”, dated Dec. 8, 2010, 9 pages.
- White , “How Computers Work”, Que Publishing, Ninth Edition, Nov. 14, 2007, all pages.
- Petition for Inter Partes Review of U.S. Pat. No. 8,533,860 Challenging Claims 1-30 Under 35 U.S.C. § 312 and 37 C.F.R. § 42.104, filed Feb. 17, 2016, Before The USPTO Patent Trial and Appeal Board, IPR 2016-00600, 65 pages.
- Wang, et. al, U.S. Appl. No. 16/302,054 (unpublished), “Methods of Distributing Tokens and Managing Token Relationships,”, filed Nov. 15, 2018.
- Dean, et al., U.S. Appl. No. 16/311,144 (unpublished), “Encryption Key Exchange Process Using Access Device,”, filed Dec. 18, 2018.
Type: Grant
Filed: Oct 25, 2018
Date of Patent: May 11, 2021
Patent Publication Number: 20190066069
Assignee: Visa International Service Association (San Francisco, CA)
Inventors: Patrick Faith (Pleasanton, CA), Krishna Koganti (Cupertino, CA)
Primary Examiner: Abhishek Vyas
Assistant Examiner: Monica A Mandel
Application Number: 16/171,176
International Classification: G06Q 20/10 (20120101); G06Q 20/38 (20120101); G06Q 40/02 (20120101); H04L 9/32 (20060101);